General

  • Target

    42faa54ab4183e9497c243e7543ac16f

  • Size

    371KB

  • Sample

    240105-g6de5sfeh9

  • MD5

    42faa54ab4183e9497c243e7543ac16f

  • SHA1

    89ac1eb6b7cf5e3c71966f9891b97e21a078f101

  • SHA256

    a024f189799cced8d2b2b164f4cc73b0eb9e12784bc977f182175bb61c17a171

  • SHA512

    8c4befdff6d72f78ef3fd0eaac34f9933bebd276f0d05863b301bc8199461ff6d7cd2ecf6eba7e1d4f1b1023613f164104c072effada5ced4a00138dbee481da

  • SSDEEP

    6144:lTuY1NjS3LlNGyYePTDtVjSIbU2oCs8jvHtM/fifUfglQkg74PSn04ThflRHf2VF:lTVS3LloEPTDtYsZ3jPMiMga9OS04TrS

Score
10/10

Targets

    • Target

      42faa54ab4183e9497c243e7543ac16f

    • Size

      371KB

    Score
    10/10
    • Detect ZGRat V1

    • Modifies WinLogon for persistence

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Executes dropped EXE

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
